News
Hi folks,
Welcome to a new Friday and a new issue! Nothing major to report, just the usual stream of news which I tried to compact for you :-) Enjoy!
Windows Downdate tool lets you 'unpatch' Windows systems
Researcher Alon Leviev has released his Windows Downdate tool, which can be used to downgrade Windows 10, Windows 11, and Windows Server systems so that they become susceptible to well-known vulnerabilities again. It's available as a Python script or a Windows executable, and has handy pre-sets to bring your target system back to being vulnerable to a specific CVE. You can find the GitHub repo here.
Of course, in order to do any of this you already have to own the system to a large degree. But considering the machine will keep saying it's "fully up to date", it might be a powerful persistence mechanism.
Stealthy 'sedexp' Linux malware evaded detection for two years
Interesting technical write-up of how the sedexp malware has used a udev-based persistence technique in the wild for at least two years before anyone noticed and documented it.
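The write-up's own details are not reproduced here, so as an added defender-side example (my code, not the article's or the malware's), here is a heuristic scan of udev rules files for RUN, PROGRAM and IMPORT{program} directives that launch code from user-writable paths or via an inline shell command. The directory list, path prefixes and sample rules are my own assumptions, not indicators taken from the article.

```python
import re
from pathlib import Path
# Default udev rules directories (assumed standard layout); a rogue rule may sit in any of them.
UDEV_RULE_DIRS = ("/etc/udev/rules.d", "/run/udev/rules.d", "/lib/udev/rules.d", "/usr/lib/udev/rules.d")
# Assignment keys that make udev execute something once a rule matches.
EXEC_KEY = re.compile(r'\b(RUN(?:\{[^}]*\})?|PROGRAM|IMPORT\{program\})\s*\+?==?\s*"([^"]*)"')
# Heuristic: legitimate rules almost never launch code from user-writable locations.
WRITABLE_PREFIXES = ("/tmp/", "/var/tmp/", "/dev/shm/", "/home/", "/root/")
SHELLS = {"sh", "bash", "dash"}

def scan_rules_text(text, source="<inline>"):
    """Return one finding dict per exec-style key whose command looks out of place."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        for key, cmd in EXEC_KEY.findall(line):
            argv = cmd.split() or [""]
            exe, reasons = argv[0], []
            if exe.startswith(WRITABLE_PREFIXES):
                reasons.append("executes from a writable/user path")
            if Path(exe).name in SHELLS and "-c" in argv:
                reasons.append("spawns a shell with an inline command")
            if any(a.strip("'\"").startswith(WRITABLE_PREFIXES) for a in argv[1:]):
                reasons.append("references a writable/user path")
            if reasons:
                findings.append({"file": source, "line": lineno, "key": key,
                                 "command": cmd, "reasons": reasons})
    return findings

def scan_host(dirs=UDEV_RULE_DIRS):
    """Scan every *.rules file under the standard directories on the live host."""
    findings = []
    for path in (p for d in dirs for p in sorted(Path(d).glob("*.rules"))):
        try:
            findings.extend(scan_rules_text(path.read_text(errors="replace"), str(path)))
        except OSError:
            continue  # unreadable file: skip it and keep going
    return findings

# Constructed sample: one vendor-style rule and two that warrant analyst review.
SAMPLE_RULES = """# constructed sample rules, not from any real host
ACTION=="add", SUBSYSTEM=="net", RUN+="/usr/lib/udev/rename_device"
ACTION=="add", SUBSYSTEM=="block", RUN+="/bin/sh -c '/dev/shm/.cache &'"
KERNEL=="sd*", RUN+="/var/tmp/.helper"
"""

if __name__ == "__main__":
    for f in scan_rules_text(SAMPLE_RULES, "sample.rules"):
        print(f"{f['file']}:{f['line']} {f['key']}={f['command']!r}: {'; '.join(f['reasons'])}")
```

Run `scan_host()` on a live system to cover the real directories; a hit only means the rule deserves a look, since some hardware vendors do ship unusual RUN commands.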
Quick links
- Telegram founder arrest part of cybercrime inquiry, say prosecutors: link.
- FBI says RansomHub breached 210 victims since February: link.
- US offers $2.5 million reward for information on Belarusian hacker: link.
- Employee arrested for locking Windows admins out of 254 servers in extortion plot: link.
- Malware infiltrates Pidgin messenger’s official plugin repository: link.
- Iran cyber operations exposed in reports from Google, Microsoft: link.
Breaches and leaks
- Seattle airport confronts 4th day of cyberattack outages: link.
- 31M invoices, patient consent forms, more exposed online: link.
- American Radio Relay League confirms $1 million ransom payment: link.
- Patelco notifies 726,000 customers of ransomware data breach: link.
- Park’N Fly notifies 1 million customers of data breach: link.
- Irish wildlife park warns visitors to cancel bank cards after discovering cyberattack: link.
Issues and fixes
- SonicWall warns of critical access control flaw in SonicOS: link.
- Versa fixes Director zero-day vulnerability exploited in attacks: link.
- Google tags a tenth Chrome zero-day as exploited this year: link.
- Fortra fixes critical FileCatalyst Workflow hardcoded password issue: link.
- Hitachi Energy vulnerabilities plague SCADA power systems: link.
- Unpatchable 0-day in surveillance cam is being exploited to install Mirai: link.
1Password: the password manager with (to me) the best UX
I'm not going to write a long marketing-heavy paragraph on this one. I just love using 1Password. The UX, the support, the integrations, it all works wonderfully. Highly recommended. (Sponsored)